SUSE-SU-2021:2332-1 Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19756 fixes several issues. The following security issues were fixed: - CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to local escalation of privilege with no additional execution privileges needed. bsc1187597 - CVE-2021-23133: Fixed...

CVE-2020-10742

A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmalloc will cause a kernel panic. The highest threat from this vulnerability is to data confidentiality...

UVI-2021-1000075 cifs: fix regression when mounting shares with prefix paths

cifs: fix regression when mounting shares with prefix paths This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.3 by commit...

Linux kernel elevation of privilege vulnerability (CNVD-2021-34716)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel version 5.12.2. net/bluetooth/hcirequest.c in the Linux kernel has a race condition to remove the HCI controller. No details...

SUSE-SU-2021:1373-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3)

This update for the Linux Kernel 4.4.180-94135 fixes one issue. The following security issues were fixed: - CVE-2021-28688: Fixed an issue introduced by XSA-365 bsc1182294, bsc1183646. - CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping XSA-365 bsc1182294. -...

CVE-2020-36310

An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a setmemoryregiontest infinite loop for certain nested page faults, aka CID-e72436bc3a52...

CVE-2021-28964

A race condition was discovered in getoldroot in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service BUG because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc...

SUSE-SU-2021:0842-1 Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-249 fixes several issues. The following security issues were fixed: - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check bsc1179664. - Fixed an...

SUSE-SU-2021:0840-1 Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-2446 fixes several issues. The following security issues were fixed: - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check bsc1179664. -...

Unspecified vulnerability in Linux kernel (CNVD-2021-19426)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel versions 4.18 through 5.10.16, which stems from the fact that the back-end allocation mode of the drmxenfront driver is not mean...

Moderate: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE-SU-2020:3204-1 Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-120 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex futex wait operation, which could have lead to memory corruption and possibly privilege escalation bsc1176011. -...

SUSE-SU-2020:3178-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15)

This update for the Linux Kernel 4.12.14-15058 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex futex wait operation, which could have lead to memory corruption and possibly privilege escalation bsc1176011. -...

SUSE-SU-2020:3180-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP1)

This update for the Linux Kernel 4.12.14-19726 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex futex wait operation, which could have lead to memory corruption and possibly privilege escalation bsc1176011. -...

CVE-2020-27673

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service host OS hang via a high rate of events to dom0, aka CID-e99502f76271...

CVE-2020-10781

A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hotadd file can create ZRAM device nodes in the /dev/ directory. This read allocates kernel memory and is not accounted for a user...

CVE-2020-25211

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlinkparsetuplefilter in net/netfilter/nfconntracknetlink.c, aka CID-1cc5ef91d2ff...

SUSE-SU-2020:2577-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bug was fixed: - CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption bsc1176069...

SUSE-SU-2020:2487-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-10135: Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may have allowed an...

MGASA-2020-0355 Updated kernel and kernel-linus packages fix security vulnerabilities

This update is based on the upstream 5.7.19 kernel and fixes at least the following security issue: In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in trymergefreespace ...